3 matches found
CVE-2023-28700 ITPison OMICARD EDM - Arbitrary File Upload
OMICARD EDM backend system’s file uploading function does not restrict upload of file with dangerous type. A local area network attacker with administrator privileges can exploit this vulnerability to upload and run arbitrary executable files to perform arbitrary system commands or disrupt servic...
CVE-2023-28700
Summary: CVE-2023-28700 affects the OMICARD EDM backend system. The file-upload function does not restrict dangerous file types. A LAN attacker with administrator privileges can upload and run arbitrary executables, enabling arbitrary system commands or service disruption. Root cause (as describe...
CVE-2023-28700 ITPison OMICARD EDM - Arbitrary File Upload
OMICARD EDM backend system’s file uploading function does not restrict upload of file with dangerous type. A local area network attacker with administrator privileges can exploit this vulnerability to upload and run arbitrary executable files to perform arbitrary system commands or disrupt servic...